Handle encoded params further #91627

Merged
ijjk merged 11 commits into canary from ijjk/more-encoding-normalizing
Mar 19, 2026

@ijjk ijjk commented Mar 19, 2026

Member

Continues #91603 applying the encoding normalization further and narrows in a better regression test separate of root params and specific to vary params flag.

@nextjs-bot added the "created-by: Next.js team" and "tests" labels Mar 19, 2026
nextjs-bot commented Mar 19, 2026

Contributor

Stats from current PR

🔴 1 regression

| Metric | Canary | PR | Change | Trend |
| --- | --- | --- | --- | --- |
| node_modules Size | 484 MB | 484 MB | 🔴 +83.7 kB (+0%) | ▁▁▁▁▁ |
📊 All Metrics
📖 Metrics Glossary

Dev Server Metrics:

  • Listen = TCP port starts accepting connections
  • First Request = HTTP server returns successful response
  • Cold = Fresh build (no cache)
  • Warm = With cached build artifacts

Build Metrics:

  • Fresh = Clean build (no .next directory)
  • Cached = With existing .next directory

Change Thresholds:

  • Time: Changes < 50ms AND < 10%, OR < 2% are insignificant
  • Size: Changes < 1KB AND < 1% are insignificant
  • All other changes are flagged to catch regressions

⚡ Dev Server

| Metric | Canary | PR | Change | Trend |
| --- | --- | --- | --- | --- |
| Cold (Listen) | 964ms | 965ms | | ▁▁▁▁▁ |
| Cold (Ready in log) | 928ms | 933ms | | ▁▁▁▁▁ |
| Cold (First Request) | 1.621s | 1.551s | | ▂▂▂▁▁ |
| Warm (Listen) | 965ms | 962ms | | ▁▁▁▁▁ |
| Warm (Ready in log) | 935ms | 928ms | | ▁▂▁▁▁ |
| Warm (First Request) | 706ms | 694ms | | ▁▁▁▁▁ |

📦 Dev Server (Webpack) (Legacy)

| Metric | Canary | PR | Change | Trend |
| --- | --- | --- | --- | --- |
| Cold (Listen) | 455ms | 455ms | | ▁▁▁▁▁ |
| Cold (Ready in log) | 439ms | 439ms | | ▁▁▁▁▁ |
| Cold (First Request) | 1.957s | 1.980s | | ▃▃▂▁▂ |
| Warm (Listen) | 456ms | 456ms | | ▁▁▁▁▁ |
| Warm (Ready in log) | 438ms | 438ms | | ▁▁▁▁▁ |
| Warm (First Request) | 1.956s | 1.982s | | ▂▂▂▁▂ |

⚡ Production Builds

| Metric | Canary | PR | Change | Trend |
| --- | --- | --- | --- | --- |
| Fresh Build | 6.443s | 6.389s | | ▁▂▁▂▁ |
| Cached Build | 6.337s | 6.507s | | ▁▂▁▂▁ |

📦 Production Builds (Webpack) (Legacy)

| Metric | Canary | PR | Change | Trend |
| --- | --- | --- | --- | --- |
| Fresh Build | 14.434s | 14.436s | | ▁▁▁▁▁ |
| Cached Build | 14.493s | 14.506s | | ▁▁▁▁▁ |
| node_modules Size | 484 MB | 484 MB | 🔴 +83.7 kB (+0%) | ▁▁▁▁▁ |
📎 Tarball URL
https://vercel-packages.vercel.app/next/commits/2b4a2070d27f3c7dd3c7ed10cd0e58528ff43dcf/next

@vercel vercel deleted a comment from nextjs-bot Mar 19, 2026
@ijjk ijjk marked this pull request as ready for review March 19, 2026 18:07
@ijjk ijjk requested review from acdlite and ztanner March 19, 2026 18:23
defaultRouteMatches: ParsedUrlQuery,
ignoreMissingOptional: boolean
) {
const tryDecodeParamValue = (candidateValue: string) =>

Member

Is this a problem for doubly encoded params since the route matcher does it once here? e.g. /acme/%2523hash currently matches as %23hash but this would turn it into #hash

Maybe we should compare against a decoded copy rather than mutate the param value returned to user code

@ijjk ijjk Mar 19, 2026

Member Author

Addressed: placeholder checks now decode only into a temporary comparison value and no longer mutate the param returned to user code. This preserves /acme/%2523hash as %23hash for the param value. Added a unit regression for this case in packages/next/src/server/server-utils.test.ts.


let normalizedCandidateValue = candidateValue
for (let i = 0; i < 3; i++) {
if (normalizedCandidateValue.includes(defaultValue)) {
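
Review bot: the bound in `for (let i = 0; i < 3; i++)` is an unexplained literal; give it a named constant with a comment on why three normalization passes is the limit, so the decode depth applied to request-derived values is a documented choice rather than an incidental one. On the following line, `normalizedCandidateValue.includes(defaultValue)` is a containment test, so any value that merely contains the placeholder text satisfies it; an equality comparison would restrict the check to the placeholder itself.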

Member

I'm worried about the substring matching here. For ex, a request to /acme/%255Bproject%255D-suffix for route /[team]/[project].

The route matcher already decodes once, so project becomes %5Bproject%5D-suffix.

Then this placeholder check decodes again, which turns it into [project]-suffix, and includes('[project]') returns true.

At that point we reject the param as if it were still the default placeholder, even though it's not.

It seems like this should only reject exact placeholder matches after normalization, not arbitrary values that contain the placeholder text.

@ijjk ijjk Mar 19, 2026

Member Author

Good catch, fixed. Placeholder detection now uses exact match after normalization instead of substring matching. So /acme/%255Bproject%255D-suffix is no longer treated as a placeholder default. Added a regression test for this exact scenario in packages/next/src/server/server-utils.test.ts.
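
The behaviour this review thread settles on, as an added sketch that is not the PR's code: decode only into a temporary comparison value, bound the number of passes, and match the placeholder exactly. All function and constant names are hypothetical; the sample values in the comments are the ones quoted in the review, as they look after the route matcher's single decode.

```typescript
// Added illustration; every name here is hypothetical, not a Next.js internal.
const MAX_DECODE_PASSES = 3 // same bound as the loop in the reviewed snippet

// One decode attempt; malformed escapes (e.g. "%E0%A4%A") yield null instead of throwing.
function safeDecodeOnce(value: string): string | null {
  try {
    return decodeURIComponent(value)
  } catch {
    return null
  }
}

// Build a throwaway, fully decoded copy used only for comparison.
function normalizeForComparison(value: string): string {
  let current = value
  for (let i = 0; i < MAX_DECODE_PASSES; i++) {
    const next = safeDecodeOnce(current)
    if (next === null || next === current) break // malformed or already stable
    current = next
  }
  return current
}

// Weak form raised in review: any value containing the placeholder text matches.
function isPlaceholderSubstring(paramValue: string, placeholder: string): boolean {
  return normalizeForComparison(paramValue).includes(placeholder)
}

// Hardened form: only a value that normalizes to exactly the placeholder matches.
function isPlaceholderExact(paramValue: string, placeholder: string): boolean {
  return normalizeForComparison(paramValue) === placeholder
}

// Reject placeholders; otherwise hand back the value exactly as the matcher produced it.
// "%23hash" (from /acme/%2523hash) therefore stays "%23hash" and never becomes "#hash".
function resolveParam(paramValue: string, placeholder: string): string | undefined {
  return isPlaceholderExact(paramValue, placeholder) ? undefined : paramValue
}
```
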

@ijjk ijjk requested a review from ztanner March 19, 2026 18:57
@ijjk ijjk enabled auto-merge (squash) March 19, 2026 19:21
@ijjk ijjk merged commit 78f73b2 into canary Mar 19, 2026
277 of 283 checks passed
@ijjk ijjk deleted the ijjk/more-encoding-normalizing branch March 19, 2026 19:39
@github-actions github-actions Bot added the locked label Apr 3, 2026
@github-actions github-actions Bot locked as resolved and limited conversation to collaborators Apr 3, 2026